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Claims 1-3 are cancelled. 
Add new claims 5-20. 

4, An electronic method for delegated u$t of an electronic key comprising steps 

of: 

stoning m& key in a first electronic device; 

tOMmunicatbg m electronic delegation e&tifk&te to a delegate; 

sending a request and the ddegatkm certified 'from the delegate to the first 
eteefcrome device; and 

tiding mid first electronic device to use the electronic key in response to tfee 
request md the dekg&ison certificate. 
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5. A method for remotely invoking the use of a secret cryptographic key share in a 
process to generate a digital signature where authority to use the secret cryptographic key share 
lies with an authorizing entity located remotely from the cryptographic key share, the method 
comprising: 

(a) storing the secret cryptographic key share securely in a first computational device 
at a fi rst location ; 

(h) communicating, over a communication channel from the authorising entity at a 
second location to the computational device at the first location, information that (i) identifies a 
document to be signed, (it) identifies the secret cryptographic key share, and (iii) establishes 
authon-^ation to use the secret cryptographic key share; 

(c) at the first location, generating at least a partial result in a cryptographic process 
to generate the digital signature; md 

(A) communicating, from the first location to a location other than the first location, 
the at tease partial result in the process to generate the digital signature, 

(k The method, of claim 5 where the step of communicating an authorization to use 
the secret cryptographic key share includes communicating a hash of the document to he signed 
to the first location. 
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7. The method of ctmm 5 where the step of commimkatmg an authorization to use 
mt secjrct cryptographic key share includes a step of authenticating the authorizing entity to the 
fmi computational device. 

%. The method ofe&lm 7 wfeere the step of autherttk^ting the authorising entity 
irsdiKfes a step of m$Mtm & «ft«Wo« from the authorizing entity with, a signature key 
associated mih the atrthoridng entity. 

9, The method of claim 7 where the. step of communicating m mthorvmiion to mc 
the secret cryptographic key share includes communicating a certificate identifying the 
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10. The method of ekim 5 where use of the secret c ry ptog raphic key share requires 
mithwlmnm (mm a plurality of authorizing entities, at teas* one of which is located remotely 
from the e?yptogr&j?hie key share. 

1 1 . The method of dmm 5 where c*>mmunic&uttg from tine au&orizmg entity at a 
second bcauo** to the computational device ar the first tocmion Include a step of communicating 
fefoiroat ior* In enerypted f<>rxrt 

1 2. A. method for remotely i nvoking ihe use of a secret value in a process of 
providing i«i electronic service where authority to use the secret value lies with an authorizing 
entity located remotely from the aeeret value, the method comprising: 
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<a) storing the secret value in a fmi timxonk device at a first k>caiio&; 

(b) eomrnuincsting, over a c.otnmuitic*ttoa ehannd from the authorising entity at a 
second tecaiioa to the electronic device at the first locution, information identifying (i) ihe 
electronic service^ (fi) the secret value, and (ni) m authorization to \m the secret value; 

(c) at the first location, gen&nittng an electronic result the secret, value; and 

(d) comnmnkating the electronic result from the first location to a location other than 
the first location, 

i 3, The- method of claim. 12 where the electronic service i s the generation of an 
electronic signature.. 

1 4, The method of claim I 3 where communktatittg an authorization to use the- secret 
value Includes commuakating* to the first location a hash of a document m be signed, 

15, The method of claim 12 where communicati ng m mihmv/Mmn to use the secret 
value includes of authenticating the authorizing entity to the firs* electronic device. 

3 & The method of cl aim 1 5 where of authenticating the authorizing entity I ncludes 
signing a communication from ihe authorizing entity with a signature kty associated with the 
authoring entity. 

} 7 , The method, of claim 15 where communicat ing an a&hori&Jlkm IQ use the secret 
value includes communicating a certificate identifying the authorizing entity. 



Application/Control Number: 09/816,684 
Art Unit: 2132 



Page 7 



1 8.. Th£ method #f claim 'I where use of the szem value requires authorization (mm a 
plurality of authorising entities, at least om of which is located remotely from the secret value. 

i 9. The method of dakn 1 2 where the secre t value is a share of a secret key of an 
asymmetric key pair. 

30. The- method of claim. 12 where contmunlcming from the authorizing entity m a 
second location to the compuiational device at the First location include a step of c<mxmmkmmg 
information m encrypted form* 



